Thanks to the notable improvement in digital broadcasting platforms which contribute towards a broader reception of digital contents, Pay-TV is ever evolving and gaining more and more audiences. However, this evolvement has to be escorted by security measures as hackers are unceasingly looking for new issues and vulnerabilities so as to acquire an unauthorized reception on their satellite or cable TV system.
Hence, in order to protect their investments and safeguard their revenue streams, Pay-TV providers have to rely on a strict Conditional Access System (CAS). CAS is responsible for ensuring that broadcasted contents are accessible only to those customers who have satisfied clearly specified conditions, mainly payment related.
To that end, the CAS involves two main components: a source-side component, and a reception-side component.
At the source-side, the digital content to be broadcasted (including video, audio and data) and which the provider wishes to restrict access, is encrypted (by using common DVB scrambling algorithms) with a cryptographic key, called a Control Word (CW). The CW is generated by a pseudo-random binary sequence generator (CW Generator). More generally, the CW is changed every few seconds (mostly, with a periodicity between 2 and 10 s).
Since there is no return channel or any others means to negotiate with legitimate Satellite or Terrestrial receivers, the CW, in turn, needs to be protected then carried by the broadcasted content itself. The CW is, thus, encrypted with a function specific to each CAS manufacturer, and is then packaged into so-called Entitlement Control Message (ECM).
Further, the Viewing rights of the individual subscriber is managed by the so called Subscriber Management System (SMS) and updates or changes in rights are packaged with entitlement data into so-called Entitlement Management Message (EMM).
Therefore, the resulting scrambled content, ECM, and EMM are broadcasted together in the same channel in only one scrambled stream.
At the reception-side, the CAS, mainly, includes an Integrated Receiver/Decoder (IRD), Television and a smart card, which are generally both comprised within a Set-top box (STB).
The IRD receives the scrambled streams which comprises the encrypted content, the ECM and the EMM. The IRD filters from the received stream the ECM and the EMM according to the parameters provided by the card and then forwards these messages to the card.
If the card belongs to the right broadcaster and is not revoked, then the card decrypts the ECM into a plain CW and transfers it back to the IRD so that IRD will be able to descramble the scrambled content (Video Image).
The descrambled content is then forwarded to a terminal user able to display such stream as a television or a computer.
The CW is very vulnerable to the link between the card and the IRD. In fact, by eavesdropping the communication of the card, an attacker may easily redirect the decrypted CW to others IRD to descramble the encrypted content. In other words, an attacker can effortlessly obtain the CW in the plaintext form while its transmission from the card to the IRD. Therefore, the attacker can distribute the obtained CW through Internet or radio means to unauthorized users so that they freely enjoy the protected content, without any subscription.
Such attack is known as “control word redistribution”, “CW sharing”, or “card sharing”, by which one legitimate user colludes to an unrestricted number of illegitimate users to provide unauthorized access to a protected content. In particular, by acting as a card server in a push system or a pull system way, only one legitimate card can provide numerous illegitimate receivers with free-access to an encrypted content, resulting in a serious threat to the security of the CAS.
In a push system, the card sharing pirate runs one or more IRD's, intercepts the CWs and sends all of them to clients. A client software application selects the needed CW for the watched channel out of the whole packet and loads it into its IRD's.
In a pull system one or more card, connected to a card server running on a PC are shared among Clients. As soon as an ECM is received by a client IRD, it is forwarded to the card server in order to be processed. The card server subsequently carries out the message decryption and forwards back to each client the decrypted CW. As a forward channel is needed to provide the ECM, such implementation can be deployed only on two-way connections, namely on Internet network.
Even if Pay-TV providers resort to frequently changing the CW, card sharing remain possible as the crypto period (generally around 7 seconds) is relatively greater than the required time to provide, in real-time, the CW to almost any person on the planet.
Accordingly, card sharing is more and more popular among network communities as it is powerful and easily deployable (no exhaustive smart card compromising or IRD manipulating) which makes of card sharing attack a significant security threat to be overcome.
It is in one object of the present invention to counteract card sharing attack.
Another object of the present invention is to remotely identify a shared card.
Another object of the present invention is to provide a method for card sharing prevention with the least modification on the underlying CAS hardware.
Another object of the present invention is to remotely identify a shared card, whatever deployed in a push system or a pull system manner.
Another object of the present invention is to be able to remotely identify a plurality of cards which are jointly shared via a card server.
Another object of the present invention is to provide a low computational complexity method for remotely identifying a shared card.
Another object of the present invention is to provide a method for retrieving the identifier of a shared card without any functional disturbance of the IRD.
Another object of the present invention is to pinpoint the identifier of a shared card in an invisible way for card sharers.
Another object of the present invention is to provide CAS managers with a plurality of decisions against shared card owners.
Another object of the present invention is to permit a remote identification of a shared card from almost any access point to the pirate network.
Another object of the present invention is to provide an outgoing communication method for the card.
Another object of the present invention is to cleverly dissimulate the identifier of the card in its outgoing communication.